diff options
author | Colin Watson <cjwatson@debian.org> | 2014-03-20 00:24:29 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2014-03-20 00:24:29 +0000 |
commit | 796ba4fd011b5d0d9d78d592ba2f30fc9d5ed2e7 (patch) | |
tree | 98105bf1621565a2679d5f7f4d650561be2d7666 /ssh-ecdsa.c | |
parent | 9a975a9faed7c4f334e8c8490db3e77e102f2b21 (diff) | |
parent | 19158b2447e35838d69b2b735fb640d1e86061ea (diff) |
Import openssh_6.6p1.orig.tar.gz
Diffstat (limited to 'ssh-ecdsa.c')
-rw-r--r-- | ssh-ecdsa.c | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c index 10ad9da60..551c9c460 100644 --- a/ssh-ecdsa.c +++ b/ssh-ecdsa.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-ecdsa.c,v 1.8 2014/01/09 23:20:00 djm Exp $ */ | 1 | /* $OpenBSD: ssh-ecdsa.c,v 1.10 2014/02/03 23:28:00 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2010 Damien Miller. All rights reserved. |
@@ -72,7 +72,7 @@ ssh_ecdsa_sign(const Key *key, u_char **sigp, u_int *lenp, | |||
72 | } | 72 | } |
73 | 73 | ||
74 | sig = ECDSA_do_sign(digest, dlen, key->ecdsa); | 74 | sig = ECDSA_do_sign(digest, dlen, key->ecdsa); |
75 | memset(digest, 'd', sizeof(digest)); | 75 | explicit_bzero(digest, sizeof(digest)); |
76 | 76 | ||
77 | if (sig == NULL) { | 77 | if (sig == NULL) { |
78 | error("%s: sign failed", __func__); | 78 | error("%s: sign failed", __func__); |
@@ -140,9 +140,6 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen, | |||
140 | /* parse signature */ | 140 | /* parse signature */ |
141 | if ((sig = ECDSA_SIG_new()) == NULL) | 141 | if ((sig = ECDSA_SIG_new()) == NULL) |
142 | fatal("%s: ECDSA_SIG_new failed", __func__); | 142 | fatal("%s: ECDSA_SIG_new failed", __func__); |
143 | if ((sig->r = BN_new()) == NULL || | ||
144 | (sig->s = BN_new()) == NULL) | ||
145 | fatal("%s: BN_new failed", __func__); | ||
146 | 143 | ||
147 | buffer_init(&bb); | 144 | buffer_init(&bb); |
148 | buffer_append(&bb, sigblob, len); | 145 | buffer_append(&bb, sigblob, len); |
@@ -153,7 +150,7 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen, | |||
153 | buffer_free(&bb); | 150 | buffer_free(&bb); |
154 | 151 | ||
155 | /* clean up */ | 152 | /* clean up */ |
156 | memset(sigblob, 0, len); | 153 | explicit_bzero(sigblob, len); |
157 | free(sigblob); | 154 | free(sigblob); |
158 | 155 | ||
159 | /* hash the data */ | 156 | /* hash the data */ |
@@ -169,7 +166,7 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen, | |||
169 | } | 166 | } |
170 | 167 | ||
171 | ret = ECDSA_do_verify(digest, dlen, sig, key->ecdsa); | 168 | ret = ECDSA_do_verify(digest, dlen, sig, key->ecdsa); |
172 | memset(digest, 'd', sizeof(digest)); | 169 | explicit_bzero(digest, sizeof(digest)); |
173 | 170 | ||
174 | ECDSA_SIG_free(sig); | 171 | ECDSA_SIG_free(sig); |
175 | 172 | ||